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This application corresponds to International Application No. PCT/SE98/00897. 
Please amend the Application as indicated herein. 



Tn the Abstract of the Disclosure 

Please add the Abstract of the Disclosure submitted on a separate sheet herewith. 

Tn the Claims 

Please amend the claims as follows: 
Claim 3, line L delete "or 2". 

Claim 5, lines 1 and 2 , delete "any one of the preceding claims" and insert -claim 1-. 
Claim 7, line L delete "or 6". 

Claim 8, line L delete "any one of claims 1-6" and insert -claim 1~. 
Claim 9, line L delete "any one of claims 1-6" and insert -claim 1-. 
Claim 10, line L delete "any one of claims 1-6" and insert -claim 1-. 
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Claim 1 1, lines 1 and 2. delete "any one of the preceding claims" and insert -claim 1~. 
Claim 12, lines 1 and 2 . delete "any one of the preceding claims" and insert -claim 1~. 
Claim 13, lines 1 and 2. delete "any one of the preceding claims" and insert -claim 1~. 
Claim 15, line 1. delete "any one of claims 1-12" and insert -claim 1~. 
Claim 17, line 1 . delete "any one of claims 1-12" and insert -claim 1-. 
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Claim 19, lines 1 and 2. delete "any one of the preceding claims" and insert -claim 1~. 
Claim 20, line 1. delete "any one of claims 1-18" and insert -claim 1-. 

Please add the following new Claims 27 to 29: 

-27. A method as claimed in claim 2, characterised in that the transaction message is 
created off-line, i.e. not connected to the communications network that is used for the 
subsequent transmission of the transaction message. 

28 . A method as claimed in claim 6, characterised in that information required for the 
transaction message is input with the aid of input means arranged on the smart card, the card 
preferably being a so-called advanced smart card. 

29. A method as claimed in claim 27, characterised in that the transaction message is 



created off-line.— 
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RFMARKS 

The present amendment is intended to add an Abstract of the Disclosure and to remove 
the multiple dependency from the claims. 

The examination and allowance of this Application are respectfully requested. 
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Burns, Doane, Swecker & Mathis, L.L.P. 




Benton S. Duffett, Jr. 
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Abstract of the Disclosure 
A method and a device for carrying out electronic transactions. A sender produces, 
under his own full control, a transaction message in a smart card (1) and provides the 
message with his digital signature in the card for subsequent output and transmission. 
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ELECTRONIC TRANSACTION 
Field of the Invention 

The present invention relates to electronic trans- 
actions, i.e. primarily payments, which are effected 
electronically. More specifically, the invention con- 
5 cerns electronic transactions effected while employing 
a user card, such as a cash card, credit card, charge 
card, or the like, said card being a so-called smart 
card. 

Background Art 

10 In recent years, the interest in electronic trans- 

actions has increased signif ibahtly, especially"' concur- 
rently ^with the impact' of thV^^Internet*; -Security -matters 
have been focused,' and diffeVent- Vystems and standards 
' have Seen suggested to guara'ntee^ the 'Security -ih'^connec- 

15 tion with 'electronic transmission of - tVansactloh" mes- 
sages.^ A matter that has -attracted a ibt of -interest is 
how" to protect, ^for instance, credit ^bard numbers trans- 
mitted" via the Internet in connection with Internet shop- 
ping. What the systems and standards proposed have in 

20 common is that they are based either on the condition 
that sensitive information that may be misused, for in- 
stance a credit card number, is not to be transmitted via 
the communications network, or on the condition that such 
sensitive information is to be transmitted in encrypted 

25 form. In both alternatives, the relatively complicated 
administrative routines and system configurations etc. 
are focused, which, as will be appreciated, results in 
restrictions and obstacles to a more general use. 
Objects of the Invention 

30 A main object of the present invention is to faci- 

litate electronic transactions in a simplified fashion 
while maintaining full security. 

A further object is to facilitate different kinds 
of electronic transactions within the scope of the same 

35 basic concept • 
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One more pbject is to facilitate electronic trans- 
actions independently of the choice of information trans- 
fer channel for the used transaction message, 

A still further object 'is to facilitate electronic 
5 transactions which basically do not require transmission 
of the used transaction message through a reliable infor- 
mation transfer channel. 

Summary of the Invention 

The above-mentioned objects are achieved by the 
10 inventive features that are stated in the accompanying 
claims. 

The invention thus is based on an insight of the 
• ---.advantage of using ,special transaction messages .which, 
^ ~ - independently - and under the user ' s^ .full control are 
15 created by a user and which are of such nature .that they 
. can have -been created by ^the us^r^only, ^^they ^.Qannot have 
_ , been tampered with while being .transf erred . to^ a receiver 
or addressee without such tampering .being easily recog- 
nised (authentication) 3nd can ^easily ^be , validated after 
20 transfer for the purpose of finalising the desired trans- 
action. According to the invention, the sender uses a 
unique smart card assigned to him, with a private key 
stored therein (whose public equivalence in an asymmetriy 
cal cryptographic system is generally available) in order 
25 to provide a transaction message created by the sender 
with a digital signature which is unique to the sender, 
whereupon the signed transaction message can be trans- 
ferred in an arbitrary manner. 

Only a lawful user of the smart card can activate 
30 this to be signed, thereby satisfying a basic identity 

requirement. The digital signature further entails a data 
lock which prevents the message from being tampered with 
without this being recognised in a subsequent authentica- 
tion by using the generally available public key, which 
35 belongs to the user. The user's independent creating of 
the transaction message means full control of the con- 
tents of the message. The invention thus requires that 
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sensitive information, such as a card number, in the 
transmitted transaction message be connected to a digital 
signature to make the information at issue usable. With- 
out connection to a digital -signature, the information 
5 thus is basically of no value and consequently cannot 
be misused for false network transactions, even if the 
information could be caught by a person not concerned in 
connection with a transmission of the transaction mes- 
sage. Basically, it is irrelevant how the transmission 
10 takes place. This means an approach which is completely 
opposite to today's striving for the' provision of spe- 
cial, reliable, i.e. encrypted, communication systems for 
transmitting transaction messages 'via' e.g'r the Internet. 
" It is preferred "that a transaction message according 
15 to the "invention contains information ' on ^sender,' 'trans- 
'"acS'tiori amount arid receiver "and preferably a 'variable 
piece of information, such as a serial " number":' ^' ~ 

According to the invention,^ the 'user thus creates 
what can be said to be a signed ' "electronic' cheque" , 
20 which can be transmitted in an -arbitrary manner and at 
an arbitrary point of time to an addressee or receiver. 

Upon receipt, a transaction message according to the 
invention can be checked for authenticity by checking the 
digital signature, whereupon validation and charging or 
25 crediting the receiver with the transaction amount at 
issue can take place in an arbitrary, suitable manner, 
suitably according to the same principles as apply to the 
cashing of an ordinary cheque or to clearing in connec- 
tion with a card purchase. 
30 According to the invention, the transmitted, signed 

transaction message may contain the required transaction 
information as plain text, in which case the digital sig- 
nature can, in a manner known per se, be provided on the 
basis of a condensate of the message information. This 
35 means that the subsequent authentication, validation and 
crediting on the receiver side will be facilitated since - 
the required information is immediately available, such 
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as information on sender, which makes it easy to fetch 
the correct public key for authentication of the digital 
signature , 

If the digital signature is effected on the entire 
5 transaction message such that this is transmitted in 

encrypted form, the transmitted transaction message can 
be provided with special sender information which makes 
it possible on the receiver side to fetch the correct 
public >ey for authentication and conversion of the 
10 transaction message into plain text. 

According to the invention, the transaction message 
.may contain sender information of an arbitrary, suitable 
^ ^kind, _such as at least Jone_of the following piece^s of 
„ information V a card nixmber, a cash xaf d number, a charge 
15 _card number, .,a _ credit ^card nuiriDer, an account nuirJoer, ^ an 
invoice number, and an ^ID^number . ^If the .sjriart , card uti- 
lised according to ^the invention ^is^a ^card connected to 
an account, such as_a ^credit card,^ it may,be^ preferred 
to use the , associated , card number _as ^sender ^^informat ion. 
20 As those skilled in.^the„art realise, it is however pos- 
sible to use any kind of information, which on the re- 
ceiver side can easily be connected to a user identity 
and, consequently, to an associated account which is to 
be charged, 

25 For the receiver information, basically the same 

applies. For instance, at least one of the following 
pieces of information may be involved: a card number, 
a cash card number, a charge card number, a credit card 
number, an account number, an invoice number and an ID 

30 number. Also in this case, it is sufficient that the 
information on the receiver side can be unambiguously 
related to a receiver of payment. It should be noted that 
transferring a transaction amount to a receiver need not 
entail the crediting of a receiver account, but it may 

35 also imply that e.g. an administrative unit receiving the 
transaction message, after authentication and validation,. 



wo 98/52151 



PCT/SE98/00897 



: charges a sender account and sends to the receiver what 
may be considered a check or a postal order. 

As described above, an essential feature of the pre- 
sent invention is that the sender, i.e. the user of the 
5 smart card, creates and signs the transaction message 

under his own control, i.e. basically independently of a 
connection to a communications network and of a computer 
dialogue with a receiver, although such a dialogue of 
course may take place in .connection with the transmission 
10 of a signed transaction message. Consequently the trans- 
action message is created preferably without connection 
to the communications network or of f-line This means 
: -,that thersender fully .controls ..which :data -are ^input for 
: :: : creating of .-^he .transaction .message. As :will 'be ^appre- 
15 ciated, the signing -can :be -/carried ~out Honly ^by cthe sender 
;j„.7-;since in ,the mormal :case :he .:is >.the ^only :one to be able 
• ' „r:,.to :activate "his ;smart -card and ^to -release *the ^signing. 

: .Regarding the transmission or :handing over of :the signed 
' transmission message .there .are, . however, mo :restrictions, 
20 as -will ^be .quite easily appreciated. For example, the 

user or some person assisting him may take the smart card 
with the signed transaction message present therein to 
send the message later, to send the. message from some 
other place etc, that is to say there is a great freedom 
25 of choice. The signed transaction message could also be 
transferred to special intermediate materials or a 
transport medium to be transmitted to a receiver and/or 
addressee. 

According to the invention, it is advantageous that 
30 the transaction message is created in the smart card. The 
transaction message may suitably be created by means of 
the software inserted in the smart card in advance and 
sender information preferably inserted in the card in 
advance, e.g. a card number. Suitably a new serial num- 
35 ber is automatically • created for each transaction mes- 
sage. The input of the necessary message information in 
the card may be carried out in different ways, for in- 
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. Stance with the aid of -the input means arranged on the 
smart card, the card advantageously consisting of a so- 
called advanced smart card. Information that is required 
for the transaction message can also be input with the 
5 aid of a protected card terminal, which advantageously 
may consist of the user's own terminal or computer pro- 
vided with a card reader. Information that is necessary 
for the transaction message can also be input by means 
of a separate card communication unit, the Jatter prefer- 
10 ably later also serving as card activator. Such a unit 

can advantageously be designed as a small portable unit, 
which the user may take :along and which :is utilised by 
-^ X: ^. ;the user -when he wants :to activate .his icard and/or input 

- v;: 7 r ^information in -the card :in :surroundings where £no protect- 
: 15 •: ed card "terminal :is ^available 3 \ 7 ' : 

. ^ Information -which :iis rrequired;-f or ::the transaction 

- ^ ' message can also "be ^rinput^by -means lot ea :±elecommunica- 
':\r tions unit controlled by-ithe rsmart card,-respecially a 

mobile '^telecommunications unit, ?.such -as -a mobile tele- 
20* phone device. In this -context, the .unit may .also be used 
to transfer the signed transaction message, for instance 
by using ^a so-called SMS-type service. - 

The man skilled in the art realises that it is also 
possible to create the actual transaction message outside 
25 the smart card by using, for instance, one of the above- 
mentioned information input means. The created trans- 
action message is then input in the smart card to be 
signed. 

According to a first aspect of the present inven- 
30 tion, a method is provided for carrying out electronic 
transactions, in which a sender of transaction messages 
is assigned a smart card with an associated unique iden- 
tity and a private key stored in the card in a protected 
manner, and in which an associated public key is kept 
35 generally available, said method being characterised in 
that in connection with an electronic transaction under 
the sender's own control, preferably through his own 
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input of message information, the sender . creates a trans- 
action message, " which contains information necessary for 
the transaction, and, in his smart card, provides the 
created transaction message with his digital signature 
5 while using his own private key for the purpose of subse- 
quent output and transmission of the transaction message. 

According to a second aspect of the present inven- 
tion, a smart card is provided for carrying out electro- 
nic transactions, said card comprising means for storing 
10 of card identification information, means for protected 

storing of a private key, means for storing of an asymme- 
trical algorithm, means for input of transaction informa- 
tion into the card,' processor^ means jfor.icreating in the 
" * card a ^transaction .'message based on input transaction 
15 ^^information, '^such :as information :on .amount rand .receiver, 
' ' i:* and optionally "-^information -Stored dn^-the £card,*rsuch as 

£V.inf ormation on 'sender ::and preferably .;a serial number, and 
'^"^ for providing ^'the :transactiori jnessage with -ra -digital sig- 
^ ^ nature :on the basis 'of said private -=key -and said asymme- 
20 trical algorithm, and means for output of :the .signed 
transaction message. 

According to a third aspect of the present inven- 
tion, a combination is provided of a smart card and a 
user-controlled communication unit, which is arranged for 
25 communication with the smart card and with which the card 
is adapted to be combined with a view to producing an 
electronic transaction message, the card comprising means 
for protected storing of a private key, means for storing 
of an asymmetrical algorithm and processor means for pro- 
30 viding a created transaction message with a digital sig- 
nature based on said private key and said algorithm, and 
said communication unit comprising means for input of 
transaction information, and means being arranged in the 
communication unit and/or in the card for producing said 
35 transaction message. 

A fourth aspect of the present invention "involves 
use of a smart card with a private key stored therein and 
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asymmetrical cryptographic algorithm for providing in the 
card/ independently of the communications network, an 
electronic transaction message provided with a digital 
signature based on the private key. 
5 Additional aspects of distinctive features of the 

invention will appear from the following detailed de- 
scription of various embodiments with reference to the 
accompanying drawings. _ . 

Brief Description of the Drawings . 
10 Fig. 1 is a schematic illustration of an example of 

the carrying out of electronic transactions by using an 
open network, such as the Internet, dn ;accordance with an 
embodiment of the. present invention :„ 

_ :Fig.':2 is a schematic illustration /of the -same kind 
'15^ as in Fig.::lr exemplifying alternative ways of ^carrying 
:i r'l^ out electronic "transactions -:according :to ;the -invention. 
-^-:.r I:. Fig. 3 is a schematic illustration :of -an /-example of 
' . the -carrying out of .electronic .transactions by ;using a 

shop card terminal, according to „a idif f erent rembodiment 
20 of the present invention. - ^: " : : l ' 

Fig. 4 is a schematic illustration of the same kind 
as in Fig. 3 of another example of the icarrying out of 
electronic transactions by using a shop card terminal, 
according to the present invention. 
25' Fig. 5 is a schematic illustration of an example of 

the carrying out of electronic transactions by using a 
mobile telephone system, according to one more embodiment 
of the present invention. 

Fig. 6 is a schematic illustration of an example of 
30 the carrying out of electronic transactions by using an 

open network for direct contact with a bank, according to 
another embodiment of the present invention. . 

Fig- 7 is a schematic illustration of examples show- 
ing how an advanced smart card can be used to carry out 
35 electronic transactions in accordance with the present 
invention. ~ " ' - ^ 
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Description of Embodiments 

Fig. 1 . illustrates schematically a first embodiment 
of the invention, which can be used for credit card pay- 
ment via an open network, such as the Internet, between 
5 a sender and a receiver included in a network. The sender 
has access to a smart card 1 and a computer 3 which is 
provided with a suitable card reader (indicated at 2), 
and which typically can be a home computer and is con- 
nected to the Internet 5. A network, server 7 is connected 
10 ^ to the network 5 and to various credit card administra- 
tors 8 and 9 included in the network.. The latter are in 
: conventional manner connected ^to each .other and to 

various institutions keeping :accounts,:.;Such . as -banks 10, 
11. the present .example^, the sender, is supposed to 
: 15 r have .an .account :xn -the ,^bank :10 ^and a - credit ccard admi- 
ministered by ^the administrator c8,: iwhile vthe. xr^pe^^^ 12 
:-r^-:has an .account dn ^the .bank rll :and a ^credit ^card ^adminis- 
.tered by .the 'administrator .^9 zl.--" r. : . - 

A trusted third party (TTP)_13. is -;network _admini- 
20- strator and responsible -^f or the -necessary handling of 
keys. TTP 13 thus assigns to each user .his private key 
which is stored in a protected manner in the ..user's card 
1, and keeps a catalogue 15 available, from which the 
public key of each user can be collected. 
25 The user's smart card 1, which also has a conven- 

tional credit card function, contains in a known manner 
memory and processor means in the form of one or more 
integrated circuits (indicated at 17), as well as con- 
ventional means for enabling communication between the 
30 card and a card reader when the card is placed in the 
latter. 

In addition to the above-mentioned private key, said 
memory and processor means contain a cryptographic algo- 
rithm of an asymmetrical type, which can be a DES algo- 
35 rithm, and software for effecting the signing -of a trans- 
action message based on the private key and said crypto- . 
graphic algorithm. The smart card 1 is activated in an 
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arbitrary, suitable manner, : for instance by means of a 
~ PIN input in the card, or biometrically . 

When performing a transaction, the card 1 is placed 
in the card reader 17 of the computer 3 and the card 

-5 is activated if this has not already been done. A trans- 
action message can now be created in the smart card 1 
and/or in the computer 3. If the creation takes place 
exclusively in the card, which from the viewpoint of 
security may be preferred, the card also contains soft- 

10 ware that is suitable for this purpose. In this case, the 
required information for the transaction message {espe- 
cially regarding amount and receiver) is input via the 

- keyboard "of the computer -^3 -into the card. ; : '. - 

:■; ^ ' If the actual -transaction message Is created in 
"15 " the computer, this has been .provided i^/ith :the software 
' required "for -this purpose, -which is' :suitably -.supplied to 

- - ^ the -user' -in connection - with ' the ^issuance lof :rthe /smart 

card. Also in this case, message rinformation vis rinput 
- " - via "the keyboard. - ^ - " - ^ ^ : : : - 

20 It is advantageous to use as sender information ;a 

card identification, such as the number of the smart 
card, which is automatically supplied by the card as the 
transaction message is being created. As receiver infor- 
mation the card number of the receiver can advantageously 
25 be input. 

After creating the transaction message, it should be 
provided with a serial number and signed, which, as men- 
tioned above, is effected in the card. If the actual mes- 
sage has been created in the card, it may be desirable, 
30 with a view to restricting the software that must be 

available in the card, to effect the digital signature on 
the actual message, whereby the message obtains the form 
of cryptographic text. The signed message which is then 
transferred must be able to supply information on the 
35 sender, thereby making it possible to collect the public 
key necessary for authentication, as will be described 
below. Especially if the transaction message is created 
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in the sender's own protected computer, it may be suit- 
able to generate the digital signature on a condensate of 
the actual message, which will be available as plain text 
and also can be transmitted as plain text. 
5 The signed transaction message can now advantageous- 

ly be given the form of e-mail and then be transmitted 
via the network 5 to the network server 7. 

If the transaction message is available as plain 
text, the server 7 can, based on the information in the 
10 transaction message, directly send the signed message 
either to the sender's or the receiver's card admini- 
strator 8, 9, respectively, for the . purposes r of authenti- 
" cation "and, if authenticity --has :been "established, subse- 
quent validation, charging .the sender ^and crediting the 
-15 - sender with ^the transaction amount -involved, ::-while apply- 
' ing 'a -^suitable :clearing rprocedure^r^'i-nr-..: av^:: .tc:: 
' - The authentication :means '-.that,' -for :instance, the 

' sender's card administrator ^fetches ...the sender ' s public 
-key from a -key catalogue of ..his ^own . or -the catalogue 15 
20 of TTP 13 and, by means thereof - and of the cryptographic 
algorithm involved, checks the digital signature of the 
message. 

If the message received by the server is not avail- 
able as plain text, the server 7 fetches from the cata- 

25 logue 15 the public key belonging to the sender who can 
be identified by the received, signed transaction mes- 
sage, e.g. on the basis of special sender information 
such as a network identity or Internet identity. After 
conventional decrypting of the message by using the 

30 fetched public key, the server 7 has access to the infor- 
mation of the message as plain text and can send the mes- 
sage on for authentication etc, as mentioned above. 

One more alternative is to provide the message sent 
on the network 5 with a stated address of the authorised 

35 card administrator, for instance 8, such that the server 
can directly direct the message to him for continued pro 
cessing as described above. If the signed message is not 
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available as plain text,^ the received message must also 
in this case provide such information that the correct 
public key can be fetched for authentication and decryp- 
tion of the actual message.- 
5 Fig. 2 illustrates schematically a second embodiment 

of the invention, which uses basically the same configu- 
ration as in Fig. 1, although the transaction message 
from the sender is transmitted directly to a receiver's 
computer 21 via the network 5. The receiver sends the 
10 message on, which can be carried out via the network to 
the server 7, as -indicated by the arrow 23, or by some 
-other route as indicated -:by , the :arrow 25. : : : . 
. :;i . .z: ' - :Jn :-this embodiment, :it may .be iconvenient jthat the 

'"actual message is available. as plain .^text,- such :that the 
,15 r : receiver ^can .see the information therein .even -if he, does 
not have immediate ^access :toithe -sender Ls >public key for 
~r :: ..authentication or ^decryption rof :the ^digital signature. If 
- needed, .the signed , message can ^howevercbe encrypted by 
.the sender: with a public .key ^belonging -to :the -receiver, 
20 - in which case the receiver ^upon receipt "decrypts the mes- 
sage by using his own private key and the associated 
cryptographic algorithm and then forwards the decrypted, 
but still signed message. 

In case of a transport route 25 other than the net- 
25 work 5, it may be advantageous to use intermediate mate- 
rials, for instance a disk (indicated at 26), which in 
some suitable and reliable manner, the receiver hands 
over to his card administrator or bank for continued pro- 
cessing in accordance with that described above. It will 
30 be appreciated that the receiver can collect a number of 
received transaction messages on such intermediate mate- 
rials before taking steps for the continued processing. 

Fig. 3 illustrates schematically an embodiment of 
the invention which is suited for transactions via a 
35 foreign "terminal" 31 and which uses a user-controlled 
portable unit 33 for creating a transaction message. 



^ wo 98/52151 PCT/SE9S/00897 

13 

The unit 33 consists of a combined activator and 
information inputting means for the smart card. The unit 
33 is in a suitable manner arranged for coitvmunication 
with the card 1, for instance by comprising an integrated 
5 card reader, into which the card is inserted. The unit 33 
further has a keyboard and a display. 

When paying in e.g. a shop, the card is inserted in 
the unit 33 and activated, -for instance, by inputting a 
PIN code by means of the keyboard of the unit. By means 
10 of the keyboard, the necessary payment information is 
also input, such as amount and receiver. If the trans- 
action message is both^created and r signed in: the actual 
■ card, the -actual [information will "be '.transferred to the 
" " card. "'If 'the actual message "and optionally ra condensate 

15^^'" therieof " aire to be created-ln -the unit : 33;for7the purposes 
- -of transferring to and -signing in .the5card:>l;'^the unit is 
— - provided^ with :processor^'. means . and :the ^software required 
^ ' for this purpose. ^' - : ' : : :^ - : . 

The card with the- signed transaction message is now 
20 removed from the unit 33 and inserted into the shop's 

reader /terminal 31, from which the message is transmitted 
for continued processing in the same manner as described 
above. Accepted authentication and validation may suit- 
ably result in a receipt being sent back- to the terminal. 
25 It will be appreciated that the terminal 31 could, 

of course, communicate with the server 7 in some other 
manner than via the network 5, for instance via a pro- 
tected connection . 

Fig, 4 illustrates a variant of the embodiment shown 
30 in Fig. 3. The unit 33 in Fig. 3 is replaced by a pro- 
tected, preferably off-line computer or terminal 43, 
which can be arranged in, for instance, a shop and per- 
mits off-line, secure creation of a transaction message 
in a way similar to that described in connection with 
35 Fig. 3, for the purposes of input in a -shop card terminal 
31. - - - 
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Fig. .-5 illustrates an embodiment of the present 
, invention which .involves the use of a mobile telephone 
device 51 and an associated mobile telephone network 55- 
The mobile telephone device comprises, in addition to a 
5 mobile telephone function, also such an activating and 
input function as .described in connection with the unit 
33 in Fig. 3. The mobile telephone function is preferably 
also controlled by the smart card. . 

With the aid of the telephone function, the signed 
10 transaction message is transmitted to a unit or central 

unit 57, which effects continued processing of the trans- 
action message, for - instance, in . accordance , with that de- 
scribed in connection: with the preceding ^Figures. 
: ^ .t The -transmission , of 3the transaction:message can ad- 

'15 , vantageously take .place: while, using a^-so-calledj SMS -ser- 
- z - vice : or : the 1 i ke : of : the : mobile : t elephone ^ network . 
: . : i:-The unit '57. .could .also be^ a. special^ central unit, 
which after authentication etc. effects payments based 
^ on the received- transaction .messages. 
20 Fig. 6 illustrates an embodiment of the present 

invention which advantageously can be used to effect 
payment orders. At a sender's, i.e. payer's place, signed 
transaction messages are created as described, in this 
case exemplified with the same method as in Fig. 1. The 
25 transaction message is transmitted to the sender's bank 
10 keeping the account, which in a catalogue 60 has 
access to the sender's public key. It will be appreciated 
that the bank could be card issuer and key administrator 
and that the sender information in the transaction mes- 
30 sage can suitably consist of the sender's bank account 
number. 

Upon receipt of a transaction message and authenti- 
cation thereof, the sender's bank 10 provides for, by a 
clearing procedure, the payee, who is identified in the 
35 transaction message suitably by the associated bank 

account number, being credited with the amount at issue, - 
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i^e. the receiver's account in the receiver's bank 11 
being credited with 'the amount at issue. 

Another alternative possibility is that the sender's 
bank 10 sends a delivery order directly to the receiver 
5 12 based on, for instance, receiver information in the 
transaction message. This alternative is indicated by 
means of the dashed line 62 in Fig, 6. 

In the embodiment according to Fig. 6 it may be con- 
venient to encrypt the transmitted, signed transaction 
10 message, thereby increasing the security. The sender then 
uses the public key of the bank 10 and preferably the 

■ same cryptographic algorithm as, is used for signing. As 

i-r: will be appreciated,^' the bank .10 canidmmediately carry 

~ out decryption .by xising dts ^-private key.:: s : : 
15 . ' - --If the bank .10 Is : administrator .of : the: sender Vs pair 
of :keys,' i.e.- has both 'the -public key; and : the: private key 
belonging ':to -the .sender, tihe rsender .can .alternatively 
carry out the encryption of -.the signed message with the 
^ aid of his public ikey. -The bank .10 can then :decrypt the 
20 transmitted message by using the sender's private key, 
which is collected from a catalogue, before authentica- 
tion is carried out by using the sender's public key. 

Finally, Fig. 7 illustrates schematically the use 
of a so-called advanced smart cart in connection with the 
25 invention. The advanced smart card 71 also has a keyboard 
and a display, which allows that a signed transaction 
message can be created in the card completely without 
external aids. Subsequently the card can be inserted into 
e.g. a computer or a terminal for the purposes of for- 
30 warding the message and continued processing in accor- 
dance with that described above. 

Although the invention has been illustrated by a 
number of embodiments, the invention is of course not 
restricted thereto, and changes and modifications are 
35 feasible within the :scope of the appended claims. Thus, 
individual features from the various embodiments may 
be brought together in new combinations within the scope 
of the inventive idea. 
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CLAIMS 



5 



* 10 

ii .' - ■ - 

% 20 



25 



30 



35 



1, A method for performing electronic trans- 
actions, in which a sender of transaction messages is 
assigned a smart card with an associated unique identity 
and a private key stored in the card in a protected man- 
ner, and in which an associated public key is kept gene- 
rally available, c h a r a c t e r .i -s e d in that in 
connection with an electronic transaction under the 
sender's own control, preferably through his own input 
of message information, : the' sender creates, a transaction 
message, which contains .information :necessary .for the 
transaction, and,, in his rsmart -card,: provides :the created 
transaction message ..with his digital ^signature while 
i using "his own private -key „fon' subsequent :output> and 
.'transmission of the transaction -message .-.^ :* ::Ied 

.:2,-^ : A ■ method as^ claimed "in :claim .1, c. h.a r a c - 
t e r i.s e d in that the transaction message jcontains 
information on sender, ■ receiver, amount and preferably 
a transaction serial number. 

3, A method as claimed in claim lor2, char- 
acterised in that the transaction message is 
created off-line, i.e. not connected to the communica- 
tions network that is used for the subsequent transmis- 
sion of the transaction message. 

4, A method as claimed in claim 3, charac- 
terised in that the transaction message is created 
off-line . 

5. A method as claimed in any one of the preceding 
claims, characterised in that the transaction 
message is created in the smart card. 

6. A method as claimed in claim 5, charac- 
terised in that the transaction message is created 
with the aid of software inserted in the smart card in 
advance and preferably also sender information inserted . 
in the card in advance* 
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* '7. A method as claimed in claim 5 or 6, c h a r - 
act-erised in that information required for the 
transaction message is input with the aid of input means 
arranged on the smart card, the card preferably being a 
5 so-called advanced smart card. 

8. A method as claimed in any one of claims 1-6, 
characterised in that information necessary 
for the transaction message is input with the aid of a 
protected card terminal. 
10 9. A method as claimed in any one of claims 1-6, 

characterised in that information necessary 
for the transaction message is input with the aid of a 
separate card communication unit, the^-iatter_ preferably 
^ 3."^also being a card. activator . ^ i..- r'l : 

-.15 -'^r " dO.' , A method as claimed in^any^rone^ of ^claims ~l-6, 
v*;-:j;c h a r.^a c t e r i s/eid in tthat- information: necessary 
- v^ . for vthe /transaction, message .is input iWith_the aid of a 
^ - -telecommunications .unit controlled byr^the smart card, 
•..especially a mobile ielecommunications^. unit such as a 
20 /mobile phone. . -.z . , 

11. A method as claimed in any one of the preceding 
claims, characterised in that the transaction 
message contains sender information in the form of at 
least one of the following pieces of information: a card 

25 number, a cash card number, a charge card number, a cre- 
dit card number, an account number, an invoice number and 
an ID number. 

12. A method as claimed in any one of the preceding 
claims, characterised in that the transaction 

30 message contains receiver information in the form of at 
least one of the following pieces of information; a card 
number, a cash card number, a charge card number, a cre- 
dit card number, an account number, an invoice number and 
an ID number. 

35 13 • A method as claimed in any one of the preceding 

claims, characterised in that the signed 
transaction message is sent to a card or account admini- 



wo 98/52151 



PCT/SE98/00897 



18 

strator regarding the sender -or receiver, that the digi- 
tal signature of the transaction message is authenticated 
by using the public key^- which is assigned to the one who 
is identified as sender by .the transmitted transaction 
5 message, and that in case of authenticity, the receiver 
is credited with the transaction amount by a clearing 
process. 

14. A method as claimed in claim 13, charac- 
terised in that the signed transaction message is 
10 first sent to the receiver, who optionally after his own 
checking of the digital signature of the message forwards 
the signed transaction message to said card or account 
'''—--administrator. ' --"^ .:-„.:,:r: ::;'t:c- ■ .r^izqz^?. 

15 A method as claimed in any one of claims 1-12, 
15 "~c h-a r a c^t:e^r i s% d ^ In^- that 'the signed transaction 
■ ' -^message" 4s encrypted by using a public key belonging to 
- -the* 'addressee, ' to whom -the ^transaction -message as sent, 
" that the encrypted, ' signed transaction :message dis sent 
to the addressee, that -the "addressee by .using his private 
20 key decrypts the signed transaction message, that the 

digital signature of the transaction message is authenti- 
cated by using the public key which is assigned to the 
one who is identified as sender by the transmitted trans- 
action message, and that the receiver, in case of authen- 
25 ticity, is credited with the transaction amount by a 
clearing process, 

16. A method as claimed in claim 15, charac- 
terised in that the addressee is the receiver, that 
the receiver, after decryption, sends the signed trans- 

30 action message to a card or account administrator, where- 
upon said authentication takes place. 

17. A method as claimed in any one of claims 1-12, 
characterised in that the signed transaction 
message is encrypted by using the sender's public key and 

35 is provided with sender information and is then sent to a 
card or account administrator, who has the sender's pri- - 
vate key and who preferably has issued the user's smart 
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card, that said administrator decrypts the received 
encrypted message by using said private key, that authen- 
tication of the digital signature of the decrypted trans- 
action message takes place. by using the public key, which 
5 is assigned to the one who is identified as sender by the 
transmitted transaction message, and that the receiver, 
in case of authenticity, is credited with the transaction 
amount by a clearing process. 

18. A method as claimed in any one of claims 1-14, 
10 characterised in that the signed transaction 

message is sent non-encrypted, especially via a public 
communications -network, such as the Internet or a tele- 
-'^ communications network. ~ - . - - ; s - ^ - \ 

19. A -method as claimed in Jany :one .of ithe preced- 
15 ing claims, • c h a r a c t ~e :r--i.:s *e :d in ithat the -signed 

- - " transaction' message is sent by. e-mail.- - 5 - 

' - ' 20 : -' 'A -method as:^claimed in :any . one :of ^claims 1-18, 
characterised in that the signed ^transaction 
message is sent via a '^mobile telephone network, especial- 

20 ly by using a ' so-called . SMS service.: : . . ^ . 

21 • A smart 'card for carrying out electronic trans- 
actions, comprising means for storing card identification 
information, means for protected storing of a private 
key, means for storing an asymmetrical algorithm, means 

25 for input of transaction information into the card, pro- 
cessor means for creating in the card a transaction mes- 
sage based on input transaction information, such as 
information on amount and receiver, and optionally infor- 
mation stored in the card, such as information on sender 

30 and preferably a serial number, and for providing the 

transaction message with a digital signature on the basis 
of said private key and said asymmetrical algorithm, and 
means for output of the signed transaction message. 

22 • A card as claimed in claim 21, c h a r a c - 

35 terised in that it is of a so-called advanced type. 

23. A combination of a smart card and a user-con- . 
trolled communication unit, which is arranged for commu- 
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nication with the smart card and ,with which the card is 
adapted to be combined with a view to producing an elec- 
tronic transaction message, the card comprising means for 
protected storing of a private key, means for storing an 
5 asymmetrical algorithm and processor means for providing 
a created transaction message with a digital signature 
based on said private key and said algorithm, and said 
communication unit comprising means for input of trans- 
action information, and means being arranged in the com- 

10 munication unit and/or in the card for creating said 
transaction message. " / 

: ' 24. A combination as \claimed in claim -23, 

characterised .in:.that the communication unit 
is' ^^a 'mobile telecommunication rdevice 

15 ^ : 25.'^ A -combination as, claimed in^claim 23; 

c h a r a c.t-e-r i:s e:di in that ithe -communication unit 
- is 'a ^combined ..card ractivator and :inf prmation inputter/ 
---- 'processor ^ = - : ^ z i ~i - r ^ : z r - 

' . 26, Use of -a smart card^with a private key stored 

20 therein for providing, independently of the , communica- 
tions network, an electronic transaction message provided 
with a digital signature based on the private key. 
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